City Research Online

Continuous authentication on mobile devices

Smith-Creasey, M. (2020). Continuous authentication on mobile devices. (Unpublished Doctoral thesis, City, University of London)

Abstract

Mobile devices are one of the most popular technologies in the world. Sales have increased yearly and almost all households have at least one. They are used for personal and business use, storing a plethora of private data. The data stored on these devices could be used for malicious purposes if obtained by attackers. Recently, traditional authentication techniques have been shown to have flaws that enable attackers to bypass them. Furthermore, traditional techniques only authenticate once, which enables attackers to steal an unlocked device and still maintain the ability to access private data. Researchers have proposed continuous authentication techniques to mitigate these issues, but there is work required to make such approaches both secure and usable. Most schemes currently are limited in modalities and lack the flexibility that can enhance both security and usability. This thesis focuses on advancing continuous authentication on mobile devices through providing new and novel mechanisms. In order to achieve this, the thesis proposes four novel contributions described in the following.

The first contribution is a continuous authentication scheme based on a modality with little existing research: gesture typing. A novel set of six feature groupings are constructed to contain different types of features and capture the nuances word-gestures. The result shows the proposed technique performs better than other touchscreen-based features. Within this contribution, the activity performed during the typing sessions are also considered.

The second contribution provides a scheme for continuous face authentication, including modules that current schemes were found to lack: liveness detection, contextual awareness and face tracking. Results show that each of these modules can provide significant benefits to security and usability (e.g.: detection of illumination or activity context allows a template from the same context to be selected for enhanced accuracy).

The third contribution is a multi-modal behavioural authentication scheme using passively collected sensor data to authenticate users. A set of novel techniques for modelling the uncertainty in the scores obtained from the sensors is produced. The scores and the uncertainty in them can then be fused, using Dempster-Shafer theory. This scheme is shown to provide better accuracy than other commonly used fusion approaches due to the use of uncertainty.

The last contribution joins the concepts of the previous contributions and employs touchscreen and face biometrics in an ensemble learning scheme to combine and enhance the biometrics. Furthermore, an adaptive threshold mechanism is introduced to compare the combined touchscreen and face score against. The threshold is adapted based on the score of the passively collected biometrics from the previous contribution. This approach is shown to yield enhanced and adaptable security and usability.

Publication Type: Thesis (Doctoral)
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: Doctoral Theses
Doctoral Theses > School of Mathematics, Computer Science and Engineering Doctoral Theses
School of Mathematics, Computer Science & Engineering > Engineering
Date Deposited: 27 Nov 2020 14:38
URI: https://openaccess.city.ac.uk/id/eprint/25328
[img] Text - Accepted Version
This document is not freely accessible until 30 November 2023 due to copyright restrictions.

To request a copy, please use the button below.

Request a copy

Export

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login